WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-changelog

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-changelog] [xen-unstable] x86 shadow: fix race when domain is dying

from [Xen patchbot-unstable] [Permanent Link][Original]
To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] x86 shadow: fix race when domain is dying
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 26 Nov 2009 03:30:23 -0800
Delivery-date: Thu, 26 Nov 2009 03:34:43 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx 
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1259233350 0
# Node ID 44ea369eefc13145c082fd0e48d15e502b7cd5b9
# Parent  d300628722987757d84728cf3ba15a572b2861d4
x86 shadow: fix race when domain is dying

There are some cases that shadow_write_p2m_entry() is called after
the domain is killed. It causes Xen to crash.

- Race between xc_map_foreign_batch from qemu-dm and "xm destroy"
  command.
- The hypervisor calls domain_crash when PoD fails.

Signed-off-by: Kouya Shimura <kouya@xxxxxxxxxxxxxx>
---
 xen/arch/x86/mm/p2m.c           |    6 ++++++
 xen/arch/x86/mm/shadow/common.c |    7 +++++++
 2 files changed, 13 insertions(+)

diff -r d30062872298 -r 44ea369eefc1 xen/arch/x86/mm/p2m.c
--- a/xen/arch/x86/mm/p2m.c     Thu Nov 26 11:00:49 2009 +0000
+++ b/xen/arch/x86/mm/p2m.c     Thu Nov 26 11:02:30 2009 +0000
@@ -1220,6 +1220,12 @@ p2m_gfn_to_mfn(struct domain *d, unsigne
     l1_pgentry_t *l1e;
 
     ASSERT(paging_mode_translate(d));
+
+    if ( unlikely(d->is_dying) )
+    {
+        *t = p2m_invalid;
+        return _mfn(INVALID_MFN);
+    }
 
     /* XXX This is for compatibility with the old model, where anything not 
      * XXX marked as RAM was considered to be emulated MMIO space.
diff -r d30062872298 -r 44ea369eefc1 xen/arch/x86/mm/shadow/common.c
--- a/xen/arch/x86/mm/shadow/common.c   Thu Nov 26 11:00:49 2009 +0000
+++ b/xen/arch/x86/mm/shadow/common.c   Thu Nov 26 11:02:30 2009 +0000
@@ -2171,6 +2171,7 @@ static void hash_foreach(struct vcpu *v,
 
     /* Say we're here, to stop hash-lookups reordering the chains */
     ASSERT(shadow_locked_by_me(d));
+    ASSERT(d->arch.paging.shadow.hash_table);
     ASSERT(d->arch.paging.shadow.hash_walking == 0);
     d->arch.paging.shadow.hash_walking = 1;
 
@@ -3449,6 +3450,12 @@ shadow_write_p2m_entry(struct vcpu *v, u
     
     shadow_lock(d);
 
+    if ( unlikely(d->is_dying) )
+    {
+        shadow_unlock(d);
+        return;
+    }
+
     /* If we're removing an MFN from the p2m, remove it from the shadows too */
     if ( level == 1 )
     {

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] x86 shadow: fix race when domain is dying, Xen patchbot-unstable <=
Previous by Date:  [Xen-changelog] [xen-unstable] Implement rdtscp emulation and rdtscp_aux "support", Xen patchbot-unstable
Next by Date:  [Xen-changelog] [xen-unstable] x86: Always respect guest setting CR4.TSD, Xen patchbot-unstable
Previous by Thread:  [Xen-changelog] [xen-unstable] Implement rdtscp emulation and rdtscp_aux "support", Xen patchbot-unstable
Next by Thread:  [Xen-changelog] [xen-unstable] x86: Always respect guest setting CR4.TSD, Xen patchbot-unstable
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy